On September 22, 2023, CERT-In (the Indian Computer Emergency Response Team) issued a high-severity alert regarding several vulnerabilities discovered in Apple products, encompassing the iPhone and Apple Watch. These vulnerabilities pose a significant security risk, potentially allowing hackers to execute arbitrary code, elevate their privileges, or circumvent security measures on the targeted device.
These vulnerabilities have arisen due to issues with certificate validation in the Security component, the Kernel, and the WebKit component within Apple products. Through a meticulously crafted request, an attacker could exploit these vulnerabilities, potentially granting them unauthorised access or the ability to run arbitrary code on the compromised system.
SEE ALSO: Charging Android Phone From iPhone 15 — Here Are List Of Things You Can Do With USB-C Port On iPhone 15 Series
The affected devices include-
Apple macOS Monterey versions prior to 12.7
Apple macOS Ventura versions prior to 13.6
Apple watchOS versions prior to 10.0.1
iOS versions prior to 17.0.1 and iPadOS prior to 17.0.1
Safari versions prior to 16.6.1
How you can stay safe
To safeguard your personal data, users are advised to update their devices to the latest watchOS, tvOS, and macOS versions, as recommended by the national cybersecurity authority responsible for overseeing security matters across various software releases.
Media reports have highlighted the potential risk of attackers gaining access to Apple watches, TVs, iPhones, and MacBooks if software vulnerabilities are not addressed. To address this issue, Apple has made the necessary updates available on its official website, cert-in.org.in, ensuring users can mitigate these security concerns.
SEE ALSO: WhatsApp Enables Credit Card And UPI App Payments In India; Here’s How It Works